CSCI 2006 - Spring 2024 - Server-Side ProgrammingLab #10 - User & Sessions (part 2)

Lab #10 - User & Sessions (part 2)

Purpose: Add additional state and user dependent content

Instructions

  1. Please copy your solution (or the provided solution) for Lab #9
  2. When the visitor is not logged in, on the log-in page, create a form or link to a form that allows the user to create an account. The form should prompt for the username, real name (display name) and a password
  3. When the "create account" form is submitted, gather the input and generate the password hash using password_hash (using the default algorithm). Execute the following SQL:
    INSERT INTO `User` (`username`,`display`,`passhash`,`type`)
  VALUES (?, ?, ?, "reg")
  4. Once the SQL is executed, continue the execution of your code as if the user had logged in as this newly created user account
  5. The second enhancement to the site is for the "advanced" user accounts. On the log off page, use the following SQL to generate a list of user accounts
    SELECT `username` FROM `User` WHERE `type`="reg"
  6. Add a button/link for each name that when pressed causes the following SQL to be executed. This action is going to be thought of as "inviting" the user to join the "advanced" users club
    UPDATE `User` SET `type`="adv" WHERE `username`=?
  7. Add a last button/link on the page that allows the current user to "exit" the "advanced" users club. Clicking that link should execute this SQL
    UPDATE `User` SET `type`="reg" WHERE `username`=?
  8. Test
    1. Test to ensure that you can create new user accounts
    2. Test to ensure that you can successfully login as your new user accounts
    3. Test to ensure that you are able to promote other your new user accounts
    4. Test to ensure that you are able to demote your new user accounts
    5. Test to ensure that when your account is demoted, your access to advanced features ends immediatly (rather than requiring a logoff/login cycle)
  9. Upload your PHP file(s) (if you have not been doing that to test your code as you go), to the remote server. Place the file in "public_html/csci2006/lab10/
  10. In a web-browser, go to the URL below

    Link will populate after you enter your username

Submitting Instructions